Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LHgNBqhiGzL43AgO6A8ZiOcQvmE.roa
File: LHgNBqhiGzL43AgO6A8ZiOcQvmE.roa (raw, json)
Hash identifier: R6Op08pwvREwhW1phtDQGZKb1bSZ7fYxVILYZnnAtxs=
Subject key identifier: 2C:78:0D:06:A8:62:1B:32:F8:DC:08:0E:E8:0F:19:88:E7:10:BE:61
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2BC4E8EDDBD297222907909515C1D2D4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LHgNBqhiGzL43AgO6A8ZiOcQvmE.roa
Signing time: Fri 25 Aug 2023 08:17:19 +0000
ROA not before: Fri 25 Aug 2023 08:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2b:c4:e8:ed:db:d2:97:22:29:07:90:95:15:c1:d2:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 25 08:17:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c780d06a8621b32f8dc080ee80f1988e710be61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d7:10:8a:05:aa:5f:d8:27:5b:29:c8:77:d4:
22:24:3d:41:9a:2e:1d:f1:b5:a5:c2:d6:59:62:01:
cf:21:da:2c:c4:6c:65:e8:cc:10:d0:3e:a3:63:5e:
7a:65:30:e4:07:8e:8c:da:f5:28:40:0e:76:a4:b4:
7a:8a:c7:e0:9d:41:d9:19:2b:ae:a2:6a:f2:90:40:
aa:81:fb:16:ff:8f:4a:32:1d:91:11:54:5f:95:2e:
2d:20:d7:17:0d:38:ec:43:a6:90:54:e3:85:bf:89:
64:d4:36:4d:f4:99:ee:ad:a5:02:65:e7:b7:03:ed:
af:08:19:84:80:36:36:29:66:8e:6f:b7:1a:8b:5a:
6b:6d:02:de:8c:00:bd:8a:a2:60:d9:91:d7:63:4d:
de:07:ae:81:c3:0a:ba:c5:17:57:08:b1:58:2f:c8:
32:61:e8:9a:fa:6e:50:9b:25:7c:1d:2b:33:d7:0a:
36:e8:d3:ad:d6:39:31:3c:88:86:9c:e6:e1:ff:23:
78:1a:13:ad:09:c0:c4:d8:67:95:2f:3b:2f:61:32:
c9:15:29:3d:49:d9:02:a3:70:c5:39:57:e5:bb:24:
63:fd:db:9c:5e:19:15:d5:43:b5:b4:82:52:53:99:
6b:0a:7a:62:63:3e:aa:76:09:27:2f:53:14:d2:96:
89:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:78:0D:06:A8:62:1B:32:F8:DC:08:0E:E8:0F:19:88:E7:10:BE:61
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LHgNBqhiGzL43AgO6A8ZiOcQvmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:10:3c:4a:4e:0a:b3:80:b5:29:bf:7f:99:f1:d6:4c:55:f5:
2a:92:74:ca:2a:d8:bf:45:fc:e4:99:40:57:76:7a:ca:8b:ac:
2c:21:a1:e6:ce:a1:b8:e4:0d:d0:71:39:22:17:54:7a:7b:f5:
29:99:21:d1:25:4f:a6:91:9d:be:75:c0:6c:9d:19:e4:1f:a6:
6d:f4:ab:b8:1c:b7:d7:f1:23:a6:22:44:09:22:48:e8:0d:69:
6b:17:fa:82:c6:80:9e:47:96:5c:9c:a7:e3:46:c2:cb:1d:97:
f9:01:40:33:b2:b3:4d:fa:2a:33:1f:50:95:78:ce:b8:38:55:
1b:b0:75:a3:e0:b6:39:03:db:90:43:28:7f:ed:f4:04:3a:68:
af:b4:f8:46:16:4e:b7:6b:8d:72:be:d6:b1:04:65:2b:2f:03:
30:26:14:19:c6:60:9f:4f:26:25:59:31:a3:3a:5d:e3:70:4b:
ff:71:3f:3d:85:a6:24:9d:c1:e8:25:ab:67:39:c4:75:59:eb:
d2:d2:bb:7f:cd:9e:7a:c7:82:bd:99:23:aa:92:46:60:ec:10:
ba:2d:42:83:2c:2c:3e:c2:f6:e4:08:eb:95:07:5f:f3:d6:7a:
6e:0e:62:9c:4d:99:04:91:f0:6e:a3:dd:6e:9c:e5:e1:55:2d:
75:36:72:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYorxOjt29KXIikHkJUVwdLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI1MDgxNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzc4MGQwNmE4NjIxYjMyZjhkYzA4MGVlODBmMTk4OGU3MTBiZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNcQigWqX9gnWynId9QiJD1Bmi4d
8bWlwtZZYgHPIdosxGxl6MwQ0D6jY156ZTDkB46M2vUoQA52pLR6isfgnUHZGSuu
omrykECqgfsW/49KMh2REVRflS4tINcXDTjsQ6aQVOOFv4lk1DZN9JnuraUCZee3
A+2vCBmEgDY2KWaOb7cai1prbQLejAC9iqJg2ZHXY03eB66Bwwq6xRdXCLFYL8gy
Yeia+m5QmyV8HSsz1wo26NOt1jkxPIiGnObh/yN4GhOtCcDE2GeVLzsvYTLJFSk9
SdkCo3DFOVfluyRj/ducXhkV1UO1tIJSU5lrCnpiYz6qdgknL1MU0paJqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCx4DQaoYhsy+NwIDugPGYjnEL5hMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTEhnTkJxaGlHekw0M0FnTzZBOFppT2NRdm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAIQPEpOCrOAtSm/f5nx
1kxV9SqSdMoq2L9F/OSZQFd2esqLrCwhoebOobjkDdBxOSIXVHp79SmZIdElT6aR
nb51wGydGeQfpm30q7gct9fxI6YiRAkiSOgNaWsX+oLGgJ5Hllycp+NGwssdl/kB
QDOys036KjMfUJV4zrg4VRuwdaPgtjkD25BDKH/t9AQ6aK+0+EYWTrdrjXK+1rEE
ZSsvAzAmFBnGYJ9PJiVZMaM6XeNwS/9xPz2FpiSdweglq2c5xHVZ69LSu3/NnnrH
gr2ZI6qSRmDsELotQoMsLD7C9uQI65UHX/PWem4OYpxNmQSR8G6j3W6c5eFVLXU2
cjo=
-----END CERTIFICATE-----
Generated at Thu May 1 17:41:34 2025 by rpki-client